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REMARKS/ARGUMENTS 

Claims 1-23 are pending in the application. Reconsideration and a withdrawal of 
the rejection are hereby respectfully requested in view of the above amendments and the 
following remarks. 

Applicant is pleased that the Albrecht (U.S. Patent 7,020,895) is no longer being 
asserted as a basis for rejection and appears to have been overcome by Applicant's 
previous arguments. 

Applicant submits that the present claims, as currently amended and presented, 
define patentable subject matter which is neither anticipated nor obvious in view of the 
cited references. 

Claims 13, 20, 21 and 22 stand rejected under 35 USC 112, 2nd paragraph, as 
being indefinite. This rejection is respectfully but strenuously traversed and 
reconsideration and a withdrawal of the rejection are hereby respectfully requested. 

The examiner indicates that claim 20 recites terms that lack antecedent basis. 
Applicant has amended Claim 20 to more particularly and clearly define the Applicant's 
claimed invention. Accordingly, reconsideration and a withdrawal of the 1 12 rejection, 
with respect to claim 20, is hereby respectfully requested. 

The examiner also has rejected Claim 21 as not clearly defining and explaining 
the invention. Applicant has amended Claim 21 to more particularly distinguish the 
features of the Applicant's invention, including by reciting a mail transport agent. 
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Claim 22 has been rejected due to the term "may" appearing which was 
considered indefinite. Applicant has deleted this term and replaced it with -is-. 

Applicant has amended Claim 13 to include the feature of the sorting step prior to 
transfer to said at least one secondary storage component. Reconsideration and a 
withdrawal of the rejection with respect to claims 21, 22, and 13 are hereby respectfully 
requested in view of the above amendments. 

Claim 18 stands rejected under 35 U.S.C. 101. Applicant has amended claim 18 
in accordance with the Examiner's suggestions. Reconsideration and a withdrawal of the 
rejection are hereby requested. 

Claims 1-23 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Dickinson., Ill et al. (U.S. 6,609,196), in view of Motoyama et al. (U.S. 7,131,070). This 
rejection is respectfully traversed, and reconsideration of the rejection is respectfully 
requested. 

The Examiner contends that Dickinson discloses the Applicant's claimed 
invention including a method for processing stored and forwarded code (i.e., receive and 
transmit) referring to Dickinson (col. 2, lines 2-9 and col. 4, lines 30-40). The Examiner 
further relies on Dickinson for a disclosure of transferring code, from a storage 
component (i.e., relay module such as Sendmail) (202, Fig. 2, col. 4, lines 9-29), to a 
transfer component (i.e., policy engine accept message from relay module), (214, Fig. 2, 
col. 4, lines 52-59). 
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The Examiner additionally relies on Dickinson for what is considered to be a 
disclosure of the step of transferring said code from said transfer component to a 
proscribed code scanner (i.e. policy engine calls the policy managers to apply policies), 
relying on 216, Fig. 2 and col. 4, lines 59- col. 5, line 3, and col. 5, lines 15-31. The 
Dickinson reference also is relied on for allegedly indicating via said proscribed code 
scanner to said transfer component, whether said code contains said proscribed code, and, 
without transmitting said code to said transfer component (i.e. the policy engine then 
receives the results from the policy manager) (col. 5, lines 3-14). 

The Examiner acknowledges that Dickinson is deficient in that it fails to disclose 
transferring said code to at least one secondary storage component based on said 
indication. The rejection therefore utilizes a second reference, Motoyama et al., as a 
basis for allegedly disclosing transferring said code to at least one secondary storage 
component based on said indication (i.e., queue of relay MTA) (citing to Fig. 7, and col. 
10, lines 15-48). 

The Examiner considers that it would have been obvious to one of ordinary skill 
in the art to combine the teachings of the cited references because of the contention that 
Motoyama's teaching of multiple relay MTA "would enable to receive and transmit 
message properly to any types of connection from any communication networks." (Office 
Action, p. 5) 

Applicant's invention is not disclosed or suggested by these cited references, even 
when they are combined, as proposed in the Office Action. 
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Applicant discloses and claims a novel method and apparatus for intercepting, 

examining and controlling code, data, files and their transfer. 

The Examiner looks to Dickinson, in particular, the following passages: 

In a principal aspect, the present invention provides an e-mail firewall 
(105) for screening e-mail messages (204) originating in, or entering into a 
computer network (101, 103). Embodiments employing the principles of 
the present invention advantageously take the form of an e-mail control 
system (105) that controls e-mail messages (204) transmitted from and 
received by a computing site. The e-mail control system (105) includes a 
message encryptor (526) which encrypts, in accordance with at least a first 
stored encryption key (528), a first designated type of message (204) 
transmitted from the computing site, 
(col. 2, lines 2-9) 

E-mail messages 204 received and/or transmitted by SMTP relay 202 are 
preferably encoded in accordance with the S/MIME (Secure/Multipurpose 
Internet Mail Extension) protocol as specified by the Internet Engineering 
Task Force in documents entitled "S/MIME Message Specification" 
(1997) and "S/MIME Certificate Handling" (1997). Advantageously, the 
S/MIME protocol builds security on top of the industry standard MIME 
protocol according to Public Key Cryptography Standards (PKCS) 
specified by RSA Data Security, Inc. S/MIME advantageously offers 
security services for authentication using digital certificates, and privacy, 
using encryption. Digital certificates are preferably implemented in 
accordance with the X.509 format as specified in "Information 
Technology-Open Systems Interconnection-The Directory: 
Authentication Framework," also known as "ITU-T Recommendation 
X.509" (June 1997). Encryption is preferably performed by one of the 
following symmetric encryption algorithms: DES, Triple-DES, and RC2. 
The S/MIME protocol is well known and widely used and provides 
encryption and digital signatures and is therefore preferable as a 
communications protocol. The precise details by which the protocol 
operates is not critical. Moreover, it should be understood that other secure 
messaging protocols, such as PGP (Pretty Good Privacy) or Open PGP— as 
specified by the ITF working group may also be used, 
(col. 4, lines 30-40) 

FIG. 2 of the drawings illustrates in block diagram form the major 
functional components of e-mail firewalls 105.1 and 105.2. In FIG. 2, a 
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Simple Mail Transfer Protocol (SMTP) relay module 202 performs the 
functions of a conventional Internet relay host, An example of an Internet 
relay host is the Sendmail program. The SMTP relay module 202 
transmits and receives e-mail messages such as shown at 204 to and from 
an internal site 210 and external sites 212. E-mail message 204 takes the 
form of a conventional e-mail message which contains a plurality of user 
specified information fields, such as source field 205 specifying an e-mail 
address for the source of the message 204, a destination field 206 
specifying one or more destination e-mail address(es) for the message 204, 
a subject field 207 specifying a subject for the message 204, a body field 
208 specifying the body of the message 204 containing textual and/or 
graphics data, and an attachment field 209 specifying one or more files to 
be transmitted with the message 204. Other user specified fields include, 
but are not limited to, priority of the message, identify of the sending 
agent and the date and time of the message. 

E-mail message 204 may be encoded in accordance with one of a plurality 
of encoding formats as explained in further detail below. SMTP relay 
module 202 preferably takes a conventional form of a software module 
which receives and transmits e-mail messages in accordance with the 
Simple Mail Transfer Protocol as specified by Internet RFC 821. The 
SMTP protocol is not critical and in other embodiments, the SMTP relay 
module may be replaced with a module that receives and/or transmits 
messages in other formats such as the File Transfer Protocol (FTP) or the 
Hyper-Text Transfer Protocol (HTTP), 
(col. 4, lines 9-29) 

FIG. 3 illustrates the manner in which messages received by the SMTP 
relay module 202 from internal site 210 and external sites 212 are 
processed by policy engine 214. Policy engine 214 accepts messages from 
SMTP relay module 202 and determines which policies are applicable to a 
message by building a list 302 of sender policies for the sender (source) 
205 of the message, and building a list 304, 306 and 308 of recipient 
policies for each recipient, 
(col. 4, lines 52-59) 

The policy engine 214 then calls the policy managers 216 to apply each 
policy. The different types of policies have a predetermined priority in 
which they are applied. For example, decryption policies are applied 
before other policies, to allow the policies that operate on the body 208 of 
the message to be able to access the contents contained therein. In an 
alternative embodiment, the order in which the policies are applied is 
selectable by a system administrator. Access manager policies get applied 
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after decryption policies and then the other policy managers are called 
repeatedly and in the order implied by the policies to be applied to the 
message. 

(col. 4, line 59 - col. 5, line 3) 

Policy managers 216 operate to enforce policies entered by an 
administrator of e-mail firewall 105. Policy managers 216 preferably 
comprise a plurality of modules for enforcing administrator configured 
policies directed to specific aspects of e-mail messages. For example, in e- 
mail firewall 105, policy manager 216 implements a plurality of manager 
modules including an access manager 218, a content manager 220, a 
format manager 222, a virus manager 224 and a security manager 226. 
Policy managers 216 are preferably developed by inputs entered by an 
administrator by way of configuration module 230. Configuration module 
230 also operates, in response to information entered by an administrator, 
to configure SMTP relay 202 and policy engine 214. The policy managers 
shown in FIG. 2 and described herein are merely illustrative of an 
exemplary embodiment. Other types of policy managers are contemplated 
as being within the principals described herein. 

(col. 5, lines 15-31) 

The policy engine 214 then calls the policy managers 216 to apply each 
policy. The different types of policies have a predetermined priority in 
which they are applied. For example, decryption policies are applied 
before other policies, to allow the policies that operate on the body 208 of 
the message to be able to access the contents contained therein. In an 
alternative embodiment, the order in which the policies are applied is 
selectable by a system administrator. Access manager policies get applied 
after decryption policies and then the other policy managers are called 
repeatedly and in the order implied by the policies to be applied to the 
message. The policy engine 214 then receives results from policy 
managers 216 and transmits messages to SMTP relay module 202 in 
accordance with the received results. The results received by the policy 
engine 214 comprise actions such as disposition, annotation and 
notification described in further detail herein. The result of processing of a 
message 204 by policy engine 214 can result in generation of a plurality of 
additional messages, for example, for notification to the sender or 
recipient, or to the system administrator. In a preferred embodiment, the 
policy engine 214 is implemented as a program executed by a digital 
computer. 
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(col. 5, lines 3-14) 

Previously, Applicant had distinguished Dickinson, pointing out that Dickinson 
fails to disclose or suggest the Applicant's method wherein a second secondary storage 
component is employed, where the email code or message is passed (or "ok'd") for 
distribution. Applicant's invention performs this task based on what is required of a file 
by the proscribed code scanner in communication with the first transfer component. 
Therefore, the Applicant's method is distinguishable over what Dickinson is doing, 
because according to the Applicant's method, in order to permit passage of the "passed" 
file, the proscribed code scanner tells the transfer component by returning an indicator to 
the transfer component, which, in turn, facilitates transfer of the header and body 
components to appropriate queues based on the indication from the proscribed code 
scanner. (See Applicant's published specification at [0034].) 

As a basis for the current rejection, the Dickinson disclosure is now sought to be 
combined with the disclosure of Motoyama et al., in particular the Motoyama et al. 
multiple relay MTA. The cited portion of Motoyama et al. reads: 


FIG. 7 illustrates an alternative implementation of transferring mail and is 
based on FIG. 28.3 of Stevens. FIG. 7 illustrates an electronic mail system 
having a relay system at each end. The arrangement of FIG. 7 allows one 
system at an organization to act as a mail hub. In FIG. 7, there are four 
MTAs connected between the two user agents 304 and 316. These MTAs 
include local MTA 322, relay MTA 328, relay MTA 332, and local MTA 
340. The most common protocol used for mail messages is SMTP (Simple 
Mail Transfer Protocol) which may be used with this invention, although 
any desired mail protocol may be utilized. In FIG. 7, 320 designates a 
sending host which includes the user at a terminal 302, the user agent 304 
and the local MTA 322. The application unit 300 is connected to, or 
alternatively included within, the sending host 320. As another case, the 
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application unit 300 and host 320 can be in one machine, where the host 
capability is built into the application unit 300. Other local MTAs include 
local MTA 324 and 326. Mail to be transmitted and received may be 
queued in a queue of mail 330 of the relay MTA 328. The messages are 
transferred across the TCP connection 310, which may be, for example, 
the Internet, or may be any other type of network or connection. 

The transmitted messages are received by the relay MTA 332 and if 
desired, stored in a queue of mail 334. The mail is then forwarded to the 
local MTA 340 of a receiving host 342. The mail may be placed in one or 
more of the user mailboxes 314 and subsequently forwarded to the user 
agent 316 and finally forwarded to the user at a terminal 318. If desired, 
the user may not be required to be at the terminal and the mail may be 
directly forwarded to the terminal without user interaction. Other local 
MTAs at the receiving side include MTA 338 and local MTA 336 which 
may have their own mailboxes, user agents, and terminals. 

(Motoyama et al., col. 10, lines 15-48) 

Applicant's invention provides novel features which the cited references fail to 

disclose. For example, Applicant provides a plurality of queues into which a transfer 

component may move code. Applicant's specification discusses this feature. 

[0034] After Proscribed Code Scanner scans the message for 
proscribed code, it returns an indicator of the result of the scan to 
Transfer Component la. This proscribed code indicator may take 
many forms: e.g. whether the content is acceptable, that is, has no 
proscribed code; whether the message is virus infected; whether 
the message is merely spam, etc. Transfer Component la moves 
the header and body components to the appropriate queues, (Queue 
2a, Queue 3 a, Queue 4a or Queue 5 a) based on the indication from 
the Proscribed Code Scanner as described above. 

[0035] In especially preferred embodiments, a proscribed code 
scanner and transfer component are able to communicate in order 
to assist the process. For example, a transfer component might well 
use the same or similar flags or other indicators of a proscribed 
code scanner if the proscribed code scanner is a self-contained 
engine, such as VFIND.RTM. by CyberSoft, Inc. This type of 
information exchange would be also helpful in a number of other 
ways, for example, to interrogate a proscribed code scanner in 
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order to understand the scanner's messaging processing status, etc. 

[0036] Returning now to the embodiment of FIG. 2, each 
secondary queue contains a different category of messages or 
attachments after processing by proscribed code scanner, 
secondary queue directory Queue 2a contains messages that have 
passed the scanning and may now be processed by Sendmail 2a 
accordingly; secondary queue directory Queue 3a contains 
messages that are infected by a virus; secondary queue directory 
Queue 4a contains messages that qualify as junk mail or spam; 
and, secondary director, Queue 5a contains messages that contain 
confidential material that is not to be sent by email. In other 
embodiments there may be more or fewer secondary queue 
directories, as desired, containing any sort of code categories. For 
example, one embodiment of the present invention may sort mail, 
or other stored and forwarded code, into categories, for example by 
size. The number of secondary queue directories in this type of 
embodiment could then depend upon message sizes, with different 
sizes being placed into different secondary queues. Such an 
arrangement would assist in preventing message lag, wherein large 
messages would take more time to pass through the system and so 
block smaller messages. By placing larger messages into a 
secondary queue or queues separate from the secondary queues of 
smaller messages, the smaller messages could proceed through the 
system more quickly. 

[0037] In some preferred embodiments, the message header 
provides information to be used for decisions by a transfer 
component. For example, an embodiment may implement a 
number of proscribed code scanners, each with different settings 
for scanning different code. Messages may be sent to a particular 
scanner by a transfer component according to header information, 
i.e., a previously untrustworthy header might sent to a virus 
proscribed code scanner, etc. Of course a header indicating spam 
might be sent directly to a queue in certain embodiments, without 
going through a proscribed code scanner first. 

Claim 1 of the present invention recites the decision which may be made 

by a transfer component without actually transmitting the code to the said transfer 

component. The independent claims 6, 10, 14, 17, 18, 19 and 20 also recite this 
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feature. It would therefore appear that the cited references, even considering the 
application of Motoyama, would fail to disclose or suggest the Applicant's 
features, including the secondary queue directory, as disclosed and claimed 
according to the Applicant's invention. Motoyama et al. discloses relays, relay 
MTA 332 and receiving host local MTA 340. The relays are specified to receive 
and transmit mail. The mail queue disclosed in Motoyama et al is for receipt of 
transmitted messages, which may be stored in the queue of mail 334 and then 
forwarded to the local MTA 340 of a receiving host 342. 

Motoyama, in particular the queue of relay MTA, is relied on for its 
alleged teaching of Applicant's step of transferring code to at least one secondary 
storage component based on an indication. Applicant's claimed invention is 
distinguishable. First, Motoyama merely discloses that mail to be transmitted or 
received may be queued in a queue of mail of the relay MTA 328. The relay is 
described as being at each end of the Motoyama mail system. However, 
Motoyama et al. is clear that the queue is provided for one of two options to take 
place, neither of which appears to constitute proscribed code scanning and the 
steps claimed in the Applicant's invention. One option is for the user to not be at 
the terminal 318 and another option is to forward the mail directly to the terminal 
without user interaction. (See col. 10, lines 38-48). 

More telling as to the distinction between the present invention and the 
cited reference is that Motoyama et al. does not even mention "virus" or 
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"proscribed code". One considering the Applicant's invention would not have 

looked to Motoyama et al. In addition, even assuming that one were to rely on 

Motoyama et al. in combination with Dickinson, III, the combination still would 

not result in the Applicant's present invention. 

The rejection attempts to credit Dickinson, III with disclosing the 

invention recited in Applicant's claim 22, in particular, where the scanner results 

in the identification of the presence of proscribed code the email code may remain 

in the secondary queue or be transferred to a second secondary queue. Neither 

Dickinson, III, nor Motoyama et al. discloses the second secondary queue where, 

in response to an indication via said proscribed code scanner, based on the 

indication, the transfer of the code takes place. To the contrary, Motoyama et al. 

would not be looked to by one of ordinary skill in the art, since Motoyama et al. 

discloses that the queue is the queue of a relay (e.g., MTA 328), and used to 

contain mail that is to be "transmitted and received". The distinction between 

Applicant's invention and the cited references is further observed by considering 

the purpose. The purpose of Motoyama et al. is not to scan for proscribed code, 

but rather, to monitor a user's usage of a target application of an application unit 

(col. 2, lines 34-36). Motoyama et al. further discusses the use of email for 

carrying out Motoyama's purpose of usage monitoring: 

The data obtained by monitoring a user's usage of a target 
application of an application unit can, as a further feature in the 
present invention, be collected and logged and then communicated 
to a desired location by Internet email. The use of email 
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communication reduces the costs associated with communicating 
such data. The data can be communicated to the desired location at 
several instances, including each time a user exits a target 
application of an application unit, or after a predetermined number 
of times that a user has utilized and exited the target application of 
the application unit. 
(Motoyama et al., col. 2, lines 55-61) 

Motoyama et al. therefore appears to utilize the queue in connection with 

its stated purpose, namely, for directly monitoring the user selections, which one 

reading Motoyama et al. would understand to mean that the queue is for sending 

and transmitting, and not for use as a plurality of secondary storage components 

which are based on an indication from a scanning with a proscribed code 

scanner. 

Applicant submits that it would not have been obvious to combine the 
references, and, moreover, even if the references are combined, the Applicant's 
claimed invention is still not taught, suggested or disclosed, and is distinguishable 
over the cited references. 

Even if Dickinson, III were to be applied, that would not result in the 
Applicant's invention. The queue referred to in Dickinson is not a storage 
component to which code is transferred by a transfer component based on an 
indication provided to the transfer component via a proscribed code scanner. 
Dickinson III distinguishes between two situations, one where a message is high 
priority and is passed through immediately, and another, where a message is low 
priority and is stored in a queue. Dickinson, III fails to teach or disclose the 
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Applicant's step of indicating to the transfer component without transmitting said 
code to a transfer component whether the code contains proscribed code. 

The rejection relies on Dickinson Ill's "policy engine 214" as disclosing 
Applicant's claimed "transfer component". The Applicant's claimed storage 
component is considered to be the Dickinson relay module 202. Dickinson III 
discloses that the policy engine 214 receives the results and transmits messages to 
the relay module 202. Applicant's invention is distinguishable over Dickinson. 
Applicant's claims specify that the indicator is used as a basis to transfer the code 
to at least one secondary storage component. (See claim 1 "transferring said code 
to at least one secondary storage component based on said indication" and 
"indicating"... "without transmitting said code to said transfer component".) 
Dickinson III does not disclose or teach this feature. In Dickinson III, the "policy 
engine 214" that the Examiner considers to be analogous to Applicant's "transfer 
component" receives the results from the policy manager 216 (considered in the 
rejection to be Applicant's proscribed code scanner) and the policy engine 214 
transmits messages to SMTP relay module 202 (what the Examiner considers to 
be the Applicant's storage component from which the transfer is made to the 
Applicant's transfer component). 

The Examiner acknowledges that Dickinson III does not meet the 
Applicant's step of transferring to a secondary storage component. However, 
Dickinson would not support the proposed modification with Motoyama et al. A 
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reading of Dickinson for what it fairly discloses is that the messages are then 
transferred to the relay module 202, and not a secondary storage means, but the 
relay module 202 that relays the message. It appears Dickinson, III teaches doing 
exactly the opposite of the Applicant's method. Dickinson, Ill's policy engine 214 
is described to receive messages from the policy manager, and not, as Applicant 
claims, receipt of an indication which Applicant's transfer component receives 
without transmitting the message code to the transfer component. One of 
ordinary skill in the art looking to Dickinson III would not have been led to arrive 
at the Applicant's claimed invention, or to make the modification that the rejection 
credits one to have made. Rather, considering the rejection which is based on the 
relay module 202 being the "storage component", the relay disclosed in Dickinson 
III would appear to not teach, suggest or disclose the Applicant's claimed 
invention, in particular, the secondary storage means. Motoyama et al. also would 
not teach Applicant's present invention, as the reference discloses that messages 
are received by the relay MTA. Storage in a queue is discussed after receipt by 
the relay MTA. 

For the above reasons, reconsideration and a withdrawal of the rejection is 
hereby respectfully requested. 

If necessary, an appropriate extension of time to respond is respectfully 
requested. 
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The Commissioner is authorized to charge any additional fees which may be 
required to Patent Office Deposit Account No. 05-0208. 

Respectfully submitted, 

HARDING, EARLEY, FOLLMER & FRAILEY 
JOHN F. A. EARLEY III 
FRANK J. BONINI, JR. 
CHARLES L. RIDDLE 
Attorneys for Applicant 
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